CVE-2020-9756

Published: Mar 6, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows insufficient access control. The IOCTL Codes 0x80102050 and 0x80102054 allows a local user with low privileges to read/write 1/2/4 bytes from or to an IO port. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

Affected (1)

Products: Patriotmemory: Viper Rgb Firmware

1 product

Viper Rgb Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Patriotmemory Viper Rgb Firmware	Up to 1.1

Running on/with	Platform Versions
Patriotmemory Viper Rgb	All versions

References (2)

https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.coresecurity.com/advisories/viper-rgb-driver-multiple-vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.